Advocate (Dr.) Prashant Mali's Blog

5 things you should consider removing or not posting to Facebook and/or other social networks. 1. You or Your Family's Full Birth Dates and Address We all love getting happy birthdays from our friends on our Facebook wall. It makes us feel all warm inside knowing that people remembered and cared enough to write us a short note on our special day. If you are having a private party, leave the addre ss off Facebook, unless you are in a public place. We have all seen what happens in the media, when you or your friends privacy settings are compromised. The problem is when you list your birthday and your address, you are providing identity thieves with 2 of the 3 or 4 pieces of personal information that is needed to steal your identity. It's best to not list the address or the birth date at all, but if you must list the birth date, at least leave out the year. Your real friends should know this info anyway. 2. Your Relationship Status Whether you are in a relationship or not,

A handbook by Nato's Co-operative Cyber Defence Centre of Excellence (CCDCOE), located in Tallinn, Estonia is released. The centre was established in 2008 after Estonia suffered massive cyber attacks which wreaked havoc on the country's network infrastructure. The guidelines include a provision for states to respond with conventional force if cyber attacks by another state resulted in death or significant damage to property. It also states that hackers who take part in online attacks during a war can be legitimate targets even though they are technically civilians and not soldiers. Some rules that cover conventional warfare such as the Geneva Convention have been adapted to the internet. For example, attacks on certain key civilian sites are outlawed. In order to avoid the release of dangerous forces and consequent severe losses among the civilian population, particular care must be taken during cyber attacks against works and installations containing dangerous forces,

Chinese Hardware - A Cyber Security Threat to India I remember when I was a child and use to ask questions to self, if Japanese wants to revenge on USA then are they putting some kind of Trojan bombs activated remotely in various televisions, music systems, Water Heaters, emergency lights and cars they export heavily and cheaply to the USA. Japanese could in the long awaited need of revenge and what could worst then detonating multiple bombs in the television sets across American cities and causing panic with havoc without any atom bomb. These Chinese have resident revenge in their minds because of India being towering in the Asian region with IT revolution and largest English speaking population. Indians also always keep china scratching them wrongly by exhibiting His Holiness Dalai Lama. Now let’s look at how cyber security critical items are being used by Indian companies in the pretext of cost cutting and Chinese executives who serve majorly there state are fully aware

Who is an Intermediary in India ? Ans: As per Section 2(1)(w) of the IT Act, 2000 (Indian Cyber Law) "Intermediary" with respect to any particular electronic records, means any person who on behalf of another person receives , stores or transmits that record or provides any service with respect to that record and includes telecom service providers, network service providers, internet service providers, web hosting service providers, search engines, online payment sites, online-auction sites, online market places and cyber cafes; 1. All Banks ,Insurance & Finance companies 2. All Stock Exchanges(NSE,BSE,MCX etc) 3. All ISP's(BSNL,MTNL,SIFY,Tikona etc) 4. All Telecom Companies(Airtel, Vodafone, Aircel, Reliance etc) 5. All Auction Sites(ebay.in,Quickr,mybid.in,Auto auction sites etc) 6. All ecommerce sites(flipkart,myntra,jabong,amazon etc) 7. All Payment gateways 8. Search Engines  9. cyber cafe(Any place where public surfing on internet is allowed) 10

After Shouting and advocating for Chip & Pin cards for more than two years in various National TV Channels and demonstrating loop holes and easy cloning process of currently employed Magnetic strip debit and credit cards, finally RBI has woken now and has asked banks to change the Cards technology to embed Chips & make entering of pin number compulsory by June 2013. One more thing i have advocating further that is sharing of client/customer data by bank to its subsidiaries or different legal entities like credit card division is blatant violation of Indian Cyber Law aka The IT Act,2000. Banks can be hammered with crores of rupees in damages and compensation for the very act. Every  Bank customer should know this that if bank has to share his data with other legal entity then Bank should take (written/email/electronic) permission.